Privacy Policy and commitment to Data Protection and EU-US Privacy Shield principles

 

At SpiraLinks, we take the requirements of Data Privacy very seriously. This Privacy Policy is published to inform visitors to the spl.com, spiralinks.com, kata.com and focalreview.com websites of what data may be gathered on these websites, how it may be used and with whom it may be shared. If you have any questions regarding this Privacy Policy, please contact privacy@spiralinks.com.

The privacy policies described here apply to all visitors to www.spl.com, www.spiralinks.com, www.kata.com and www.focalreview.com (collectively referred to throughout this document, with their parent company SpiraLinks, as “SPL”).

Section 5 of this Privacy Policy contains, for the benefit of current and potential employees of SpiraLinks and for the information of other visitors to these sites and other members of the public, the company’s commitment to the protection of personal information of employees, candidates, contractors and other third parties providing or seeking to provide services to SPL.

In furtherance of our commitment to consistent management of secure personal data, SpiraLinks is compliant with the Data Protection laws in Europe. SpiraLinks complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries.  SpiraLinks has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.  If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/
 

1. Information Collected on our Websites

 

SPL collects and retains contact information for you as a visitor only if you voluntarily supply us with this information, which may include your e-mail address, street address, telephone number or other information to access protected information on our website or so we can follow up with you after your visit. If you have voluntarily provided this information, you consented to the collection and use of such personally identifiable information as described in this Privacy Policy.

SPL does not share, sell, rent, or trade personally identifiable information collected through these websites with third parties for their sole promotional purposes.

SPL may disclose information in special cases when we have a good faith belief that such action is necessary to: (a) conform to legal requirements or comply with legal processes; (b) protect and defend our rights or property; (c) enforce the Website Conditions of Use; or (d) act to protect the interests of our users or others.

Please note that the information you provide to SPL may be processed or held on computer systems and files of SPL companies throughout the world. This may include companies, offices or data centers outside the European Economic Area. All SPL companies maintain the same levels of data protection, confidentiality and security. In certain cases, your information may be passed to companies who process data on behalf of SPL. In such cases we ensure that appropriate confidentiality arrangements are in place.
 

2. Information Management

 

Servers hosting our websites automatically record certain information about you when you use the sites, including details of your domain name, IP address, operating system and browser. SPL may use this information to understand website usage and traffic.

SPL may use cookies or other similar text files or programs when you visit certain parts of the SPL websites. A cookie is a small file that is sent to your browser and helps SPL to understand your use of the SPL websites and enables you to access, navigate and use the services provided on the SPL websites. For information about blocking the use of cookies, please refer to the instructions/help screen on your Internet browser. Please note that if you block cookies you may not be able to access certain online services provided on the SPL websites.

This website contains links to other sites that are not owned or controlled by SPL. Please be aware that SPL is not responsible for the privacy practices of such other sites. The present Privacy Policy applies only to information collected by this website.
 

3. Security and Confidentiality

 

SPL employs industry standard security measures to ensure the security of all data. We subscribe to the principles and practices of EU-US Privacy Shield requirements with respect to the acquisition, retention, use and management of all data originating in, used in or destined for the European Union.

We will take all reasonable steps to protect the confidentiality and security of your personal information. However, you accept the security risks inherent in providing information online over the Internet and will not hold SPL responsible for any breach of security unless this is due to our negligence.

You are also responsible for maintaining the security of any password, user ID, and any authentication needed to access any SPL website. SPL may suspend your use of a site, without notice, if any breach of security is detected or suspected. Access to and use of password protected and/or secure areas of any SPL website is restricted to authorized users only. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.
 

4. Opt-Out or to Update Your Information

 

SpiraLinks will provide an individual with an opt-out or opt-in choice before we share their data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized.

If at any time after registering for information you change your mind, send us a request specifying your new choice. Please send your request to privacy@spiralinks.com or to:

SpiraLinks Corporation
Attention: Privacy Complaints
1682 Dell Avenue
Campbell, California 95008 USA

We will respond to your correction or update request within a reasonable timeframe.
 

5. Employee Information

 

SpiraLinks will treat all personal data, whether acquired through recruitment, employment or termination processes, whether the product of employment, third party agent, client or vendor activities, whether related to services provided or proposed, in accordance with the requirements of European Data Protection or EU-US Privacy Shield principles whichever, is appropriate. In particular:

  • Notice. We will notify you of what data we collect, why, with whom and to what use it may be put, and we will tell you how and where to contact us with inquiries or complaints.
  • Choice. We will pro-actively give you the opportunity to opt out of any disclosure of such information to third parties or re-purposes of the data collected. Where the sensitivity of the data justifies, we will ask you to opt-in to such disclosure.
  • Accountability for Onward Transfer. If any transfer of data to a third party is made, we will ensure that the recipient will treat such information as privileged and manage it with the same respect for Data Protection and EU-US Privacy Shield principles.

In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield, SpiraLinks is potentially liable.

  • Security. All data transfers will be encrypted and treated with such reasonably possible confidentiality and security as currently available technology and industry best practices may then permit.
  • Data Integrity and Purpose Limitation. We will use data only for the purposes for which it is reasonably intended, and will ensure it is as relevant, accurate and complete as reasonably possible.

We also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including, to meet national security or law enforcement requirements.

  • Access. You will have access to your personal data and will have the opportunity to correct or update it.

SpiraLinks acknowledges that EU individuals have the right to access the personal information/data that we maintain about them. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to privacy@spiralinks.com. If requested to remove data, we will respond within a reasonable timeframe.

  • Recourse, Enforcement and Liability. In compliance with the EU-US Privacy Shield Principles, SpiraLinks commits to resolve complaints about your privacy and our collection or use of your personal information.  European Union individuals with inquiries or complaints regarding this privacy policy should first contact SpiraLinks at:

SpiraLinks Corporation
Attention: Privacy Complaints
1682 Dell Ave
Campbell, CA 95008 USA

+1.408.608.6912
e-mail: privacy@spiralinks.com

SpiraLinks is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

SpiraLinks has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by SpiraLinks, and your inquiry or complaint involves human resource data collected in the context of the employment relationship, you may have your complaint considered by an independent recourse mechanism: for EU/EEA Data Subjects, a panel established by the EU data protection authorities (“DPA Panel”).  To do so, you should contact the state or national data protection or labor authority in the jurisdiction where you work. SpiraLinks agrees to cooperate with the relevant national DPAs and to comply with the decisions of the DPA Panel.
 

6. Changes to this Privacy Policy

 

We reserve the right to modify this Privacy Policy at any time, consistent with the requirements of the EU-US Privacy Shield principles, so please review it frequently. If we make material changes to this policy, we will notify you here or by email.
 

7. Additional Information

 

Questions regarding this Policy, the practices of this website or the implementation of Data Protection or EU-US Privacy Shield principles should be sent to SpiraLinks by emailing privacy@spiralinks.com or by regular mail addressed to

SpiraLinks Corporation
Attention: Privacy Complaints
1682 Dell Avenue
Campbell, California 95008 USA

Last Updated: 2016

Comodo SSL